3e35acfa52
* Prevent creating non-standards compliant certs. Changes generated certificates to have a NotBefore based on either the CA NotBefore or the current time. This prevents creation of certificates that are valid for too long making them return errors on platforms like MacOS. * Add license header and add test cases |
||
|---|---|---|
| .github | ||
| cert | ||
| factory | ||
| server | ||
| storage | ||
| CODEOWNERS | ||
| LICENSE | ||
| README.md | ||
| VERSION.md | ||
| filter.go | ||
| go.mod | ||
| go.sum | ||
| listener.go | ||
| listener_test.go | ||
| redirect.go | ||
| tcp.go | ||
README.md
dynamiclistener
DynamicListener allows you to setup a server with automatically generated (and re-generated) TLS certs with kubernetes secrets integration.
This README is a work in progress; aimed towards providing information for navigating the contents of this repository.
Changing the Expiration Days for Newly Signed Certificates
By default, a newly signed certificate is set to expire 365 days (1 year) after its creation time and date.
You can use the CATTLE_NEW_SIGNED_CERT_EXPIRATION_DAYS environment variable to change this value.
Please note: the value for the aforementioned variable must be a string representing an unsigned integer corresponding to the number of days until expiration (i.e. X509 "NotAfter" value).
Versioning
See VERSION.md.